rustls versions 0.23.18 and 0.23.19 contains fix for vulnerability RUSTSEC-2024-0399. However, 0.23.18 bumps MSRV to 1.71. 0.23.19 reverts MSRV back to 1.63.
We enforce min rustls version to 0.23.19 to make it easier to compile on MSRV and ensure we include the RUSTSEC-2024-0399 fix.
Note that in CI, I decided to pin rustls dependency to 0.23.19 explicitly. This is because in future versions of rustls, the MSRV will be changed to 1.71.
rustlsversions 0.23.18 and 0.23.19 contains fix for vulnerability RUSTSEC-2024-0399. However, 0.23.18 bumps MSRV to 1.71. 0.23.19 reverts MSRV back to 1.63.We enforce min
rustlsversion to 0.23.19 to make it easier to compile on MSRV and ensure we include the RUSTSEC-2024-0399 fix.Note that in CI, I decided to pin
rustlsdependency to 0.23.19 explicitly. This is because in future versions ofrustls, the MSRV will be changed to 1.71.Context: https://github.com/rustls/rustls/pull/2244